cbcvebase.
CVE-2022-2830
published 2022-09-05

CVE-2022-2830: Deserialization of Untrusted Data vulnerability in the message processing component of Bitdefender GravityZone Console allows an attacker to pass unsafe…

PriorityP355critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.76%
50.8th percentile
Deserialization of Untrusted Data vulnerability in the message processing component of Bitdefender GravityZone Console allows an attacker to pass unsafe commands to the environment. This issue affects: Bitdefender GravityZone Console On-Premise versions prior to 6.29.2-1. Bitdefender GravityZone Cloud Console versions prior to 6.27.2-2.

Affected

4 ranges
VendorProductVersion rangeFixed in
bitdefendergravityzone< 6.27.2-26.27.2-2
bitdefendergravityzone< 6.29.2-16.29.2-1
bitdefendergravityzone_cloud_console>= unspecified < 6.27.2-26.27.2-2
bitdefendergravityzone_console_on-premise>= unspecified < 6.29.2-16.29.2-1
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.